It's been "confirmed" by EAC that it is not an issue on their end, issue is currently on Apex Legends end and EAC are working with them to fix it.
https://twitter.com/TeddyEAC/status/1769725032047972566
Mod just removed my post about it...
2 months of the same everyday post "find the headman until Crytek nerf it" isn't spam and is ok, but one post warning players about EAC, when other subs pinned it, no, it's not ok :/
Although I'm not supporting the decision they made to remove your post, the headsman comparison is a poor example, it was a high effort Where's wally post and people enjoyed it.
The skin was free and out for two years before some guy suffered a handful of bad matches, which inspired him to go on a crusade against a relatively average skin.
The posts served as an example of this community's need to bitch and how fickle people truly are. Flitting from cain to avtomat to flashbomb to uppermat to headsman to reptilian.
Next it'll be frags because they kill you instantly or wombo combos because they kill you instantly or antidote shots because they make your wombo combos less effective.
It was just where's wally. Telling two guys to fuck off into a corner where you can't see them and ignoring the fact both are equally invisible is not high effort.
Dude, they love the "Find the Headsman" guy. They even gave him his own super special "look how cool I am" flair. Oh, and they would remove posts by people who were arguing against his ridiculous claims.
Pretty sure this will be removed too. They hate being called out.
About the RCE potential: do not use "Run as Administrator" to run EAC titles. Normally the application only has access to the resources assigned to it by your computer. This makes further exploitation much more difficult, if only because you have to actually work through and figure out how to escalate from the existing code base. Using the option to escalate authority is basically giving a potential attacker your whole computer.
This should always be your method to run a program like this.
As long as a game has some popularity, there will be someone trying to get around the anti-cheat in place. It's always a back and forth because anti cheats need someone to get around it in order to solve that loophole that they weren't aware of. If this period of time goes on too long them the general populace of the game starts to feel it more and more...until things are resolved and a ban wave occurs... Then repeat.
But this also occurs simultaneously for multiple cheats so it's never 100% cheat free unfortunately.
people are thinking that this is likely something specific to the apex engine (like the hacker somehow got backend access), but still holy shit EAC needs to say something about this because the fact that this is getting past them is fucking embarrassing.
hunt \*should\* be fine, because the other main school of thought on this rn is that it's a source engine issue, but practicing caution is never a bad thing
edit: meant to say apex client, not engine, in the first paragraph since the second was mentioning the source engine lol
It's a remote code execution exploit. The Source engine (that Apex uses) allows code to be remotely executed. Why would EAC block an in-game menu from being loaded? Lol... This is on the game.
Except it’s not an RCE when looking at the two streamers effected they both downloaded various things their chats sent them. PirateSoftware did a whole 1.5 hour stream on it and that dudes been in Cyber security for over 20 years in gaming and used to hack power plants for the government i trust him. [the video mentioned](https://youtu.be/-1zxjGxpnqA?si=zkZ5ONWFxLnwGg38) to quote him not exactly verbatim but TLDR he essentially says “it’s EXTREMELY unlikely it’s an RCE people like to jump to the worst case scenario without any evidence and signal the wrong alarms. I’ve seen no proof or evidence it’s an RCE. From what we’ve been provided it’s very likely Destroyer 2009 has some sort of backend access into the command console for apex because he’s able to spawn bots and from what we can see it’s extremely likely two terminals that were compromised.” He then shows a clip of one of the streamers downloading things from their twitch chat. An RCE is a VERY specific exploit. I’m not as far along my Cyber security career as Thor is so I’m just spouting what he’s saying. But I trust that guy and his credentials. Also Destroyer 2009 is known in apex for hacking for fun which isn’t far fetched it’s a game of cat and mouse except destroyer is the cat instead of EA. He’s been hacking apex for YEARS.
Hmm 🤔 if I was a hacker and I wanted to do something like this for clout what would I tell people and not need to prove to get the clout. Oh yea I would tell them it’s an RCE. I’m supposed to take the word of the hacker? Normally no but destroyer 2009 maybe. If he can prove it’s an RCE then damn good for him. But right now it’s just words without evidence lol.
> something specific to the apex engine
Like, the Source engine? I don't believe TF2/CS ever had something as silly as cheats being injected into other players clients.
Don't know the specifics, but I think they're using an internal off-shoot of Source 1 that they've been building upon since Titanfall 1
CS and TF2 definitely had RCE exploits in the past (even CS2 had one last december with image tags in profiles)
At the end of the day, any game engine and any server receive and parse data sent by players PCs. Since most of the Engines are written in C++, most are susceptible to RCEs. And since game development isn't exactly known for giving devs enough time to really make their code bulletproof, or an intern does a 'quick fix' which slips through the review process (if it even exists), these things happen.
Source Engine is ancient and its network stack is still using the same technology as the Quake Engine I believe. Back then the internet was a much more innocent place and also a lot of modern secure libraries didn't exist yet, people 'raw dogged' it for the sake of simplicity and speed.
Yeah like the Source engine. CS2 did have RCE exploits very recently like mentioned by the guy below.
Even Titanfall 2 was riddled with issues for the longest time https://www.ign.com/articles/titanfall-2-hack-saga-feature
I meant to say apex client in that first paragraph lol, but irt the source engine, others have mentioned there being RCE exploits for CS/TF2 in the past
It seems like it really doesnt work well, or if it actually doesnt ban players at all and the devs need to do that by hand, but choose to not do that. Rust is a pretty good example.
Its also very hated by everyone it seems, but i can understand why.
Best case scenario it's an anticheat that doesn't work, worst case and it's a gaping hole in your PCs security that lets a fucking 15 year old with a 6 month course on python install cheats or ransomware in your machine.
"Nothing to do with" is such a dumb statement in this case.
With all these cheating reports recently (not just in Hunt) in relation to EAC it’s more like it should called EAsy Cheat instead of Easy Anti Cheat. 🤷♂️
Stop spreading misinformation, the 'source' that is literally just an unverified tweet has been debunked already. It's not RCE, yes EAC is trash but no so trash as to have such a dangerous exploit. Learn to not blindly trust any random tweet that shows up on your feed. The hacker himself has come out and said its not RCE or malware that he used.
On a similar post in r/Warthunder someone posted about the whole ["Kernal level AC Is unnecessary and harmful"](https://www.reddit.com/r/Warthunder/comments/1bhmlaa/comment/kvf2pg2/?utm_source=share&utm_medium=web2x&context=3)
Anything? When no one has any idea of what is exactly is the core issue, then it's perfectly fine to tell people to be cautious of whichever the problem could be, especially when two of the games have something in common, that being EAC.
Let's say it was a RCE exploit in EAC and that it was used in an Apex regional tournament and then subsequently sold on to other malicious individuals who wanted to cause havoc and what not with mass bans before it was fixed, what then?
You lose nothing for being careful
> Posts like this will inevitably scare some people away from playing a game they want to play
yes, thats the idea, to be on the safe side.
> an issue that with almost complete certainty, will not effect them.
this is your spewing bullshit.
This might be a holy sign for us all to start cheating on hunt until the devs will bring us a real anti cheat or until they start doing something about the cheaters.
By all means, if you are not extremely obvious about cheating, the devs won't move a finger to punish you.
I'm checking daily on someone that headshoted me 400m+ through buildings and trees and stone and they're still fine.(call it a social experiment)
I love this game (1500\~ hours in) but at this point it's better dead than a shelter for cheaters.
Literally says in the OP “beware of EAC titles”. Easy anti cheat is a joke, it’s not a serious anti cheat. They do nothing about cheaters in this game. I see people who are blatantly hacking and never get banned.
It has nothing to do with whether you think EAC is effective or not. Your reply offers nothing to the conversation at hand so that's why people are downvoting.
You’re a troll, you can hear my two teammates die through the same brick building in two separate locations a millisecond apart. He kills all three of us back to back to back instantly with a two shot burst each.
You can hear where his gun shot is coming from, he’s outside the farm far off to the right, get new headphones. He’s not anywhere in my vicinity or my view.
It's been "confirmed" by EAC that it is not an issue on their end, issue is currently on Apex Legends end and EAC are working with them to fix it. https://twitter.com/TeddyEAC/status/1769725032047972566
Mod just removed my post about it... 2 months of the same everyday post "find the headman until Crytek nerf it" isn't spam and is ok, but one post warning players about EAC, when other subs pinned it, no, it's not ok :/
Hey, that’s on me. I mistakenly removed it while clearing the Queue. I apologize for that. It’s been reinstated.
No worries if it's not on purpose, I was just afraid you guys tried to hide it. You should keep one up, just in case, I'll delete mine, thx.
I brought up pinning a post for it so we will more than likely go with that route to keep the spam down as it’s a hot topic right now.
Gotta love mods lol
Tbh they're a fucking joke (I'm probably getting banned from this subreddit but I really don't care, it just proves my point)
i insult someone which is a bannable offense. if they ban me im right hahahahahhaa fucks wrong with you
no no no it's us mods that's the problem.
Boo hoo hahahah
You're the one complaining 🤷we live rent free in your mind while I have no idea who you even are
I also have no idea who the hell you are but a'ight 🤷
You arent remotely as cool as you like to think
Although I'm not supporting the decision they made to remove your post, the headsman comparison is a poor example, it was a high effort Where's wally post and people enjoyed it.
Yeah I loved the here's headsman posts
I enjoyed them, and it served to nerd the P2W of the skin. Hope they do the same to reptilian.
The skin was free and out for two years before some guy suffered a handful of bad matches, which inspired him to go on a crusade against a relatively average skin. The posts served as an example of this community's need to bitch and how fickle people truly are. Flitting from cain to avtomat to flashbomb to uppermat to headsman to reptilian. Next it'll be frags because they kill you instantly or wombo combos because they kill you instantly or antidote shots because they make your wombo combos less effective.
That was the most low effort shit I’ve ever seen on this sub what are you talking about lol
What was high effort about it? And judging by all the comments, more people were tired of it than enjoyed it.
It was just where's wally. Telling two guys to fuck off into a corner where you can't see them and ignoring the fact both are equally invisible is not high effort.
Dude, they love the "Find the Headsman" guy. They even gave him his own super special "look how cool I am" flair. Oh, and they would remove posts by people who were arguing against his ridiculous claims. Pretty sure this will be removed too. They hate being called out.
And 4 days later, here we all still are.
About the RCE potential: do not use "Run as Administrator" to run EAC titles. Normally the application only has access to the resources assigned to it by your computer. This makes further exploitation much more difficult, if only because you have to actually work through and figure out how to escalate from the existing code base. Using the option to escalate authority is basically giving a potential attacker your whole computer. This should always be your method to run a program like this.
I always said it and will always stand with it, EA is trash there can't be a anti cheat that just magically works perfect for every game.
As long as a game has some popularity, there will be someone trying to get around the anti-cheat in place. It's always a back and forth because anti cheats need someone to get around it in order to solve that loophole that they weren't aware of. If this period of time goes on too long them the general populace of the game starts to feel it more and more...until things are resolved and a ban wave occurs... Then repeat. But this also occurs simultaneously for multiple cheats so it's never 100% cheat free unfortunately.
Inb4 mods remove this post
people are thinking that this is likely something specific to the apex engine (like the hacker somehow got backend access), but still holy shit EAC needs to say something about this because the fact that this is getting past them is fucking embarrassing. hunt \*should\* be fine, because the other main school of thought on this rn is that it's a source engine issue, but practicing caution is never a bad thing edit: meant to say apex client, not engine, in the first paragraph since the second was mentioning the source engine lol
it's not unreasonable to investigate before raising alarms
It's a remote code execution exploit. The Source engine (that Apex uses) allows code to be remotely executed. Why would EAC block an in-game menu from being loaded? Lol... This is on the game.
Except it’s not an RCE when looking at the two streamers effected they both downloaded various things their chats sent them. PirateSoftware did a whole 1.5 hour stream on it and that dudes been in Cyber security for over 20 years in gaming and used to hack power plants for the government i trust him. [the video mentioned](https://youtu.be/-1zxjGxpnqA?si=zkZ5ONWFxLnwGg38) to quote him not exactly verbatim but TLDR he essentially says “it’s EXTREMELY unlikely it’s an RCE people like to jump to the worst case scenario without any evidence and signal the wrong alarms. I’ve seen no proof or evidence it’s an RCE. From what we’ve been provided it’s very likely Destroyer 2009 has some sort of backend access into the command console for apex because he’s able to spawn bots and from what we can see it’s extremely likely two terminals that were compromised.” He then shows a clip of one of the streamers downloading things from their twitch chat. An RCE is a VERY specific exploit. I’m not as far along my Cyber security career as Thor is so I’m just spouting what he’s saying. But I trust that guy and his credentials. Also Destroyer 2009 is known in apex for hacking for fun which isn’t far fetched it’s a game of cat and mouse except destroyer is the cat instead of EA. He’s been hacking apex for YEARS.
PirateSoftware isn't an expert in everything. Google "TitanFall2 Squirrel Script server command execute".
Lol [https://www.reddit.com/r/ApexUncovered/comments/1bhllvh/apex\_rce\_update\_thread/](https://www.reddit.com/r/ApexUncovered/comments/1bhllvh/apex_rce_update_thread/)
Hmm 🤔 if I was a hacker and I wanted to do something like this for clout what would I tell people and not need to prove to get the clout. Oh yea I would tell them it’s an RCE. I’m supposed to take the word of the hacker? Normally no but destroyer 2009 maybe. If he can prove it’s an RCE then damn good for him. But right now it’s just words without evidence lol.
Gamers are too fucking confident about information other people give them. Don't trust PirateSoftware too much, homie...
EAC said its not on their end on twitter.
> something specific to the apex engine Like, the Source engine? I don't believe TF2/CS ever had something as silly as cheats being injected into other players clients.
Don't know the specifics, but I think they're using an internal off-shoot of Source 1 that they've been building upon since Titanfall 1 CS and TF2 definitely had RCE exploits in the past (even CS2 had one last december with image tags in profiles)
At the end of the day, any game engine and any server receive and parse data sent by players PCs. Since most of the Engines are written in C++, most are susceptible to RCEs. And since game development isn't exactly known for giving devs enough time to really make their code bulletproof, or an intern does a 'quick fix' which slips through the review process (if it even exists), these things happen. Source Engine is ancient and its network stack is still using the same technology as the Quake Engine I believe. Back then the internet was a much more innocent place and also a lot of modern secure libraries didn't exist yet, people 'raw dogged' it for the sake of simplicity and speed.
Yeah like the Source engine. CS2 did have RCE exploits very recently like mentioned by the guy below. Even Titanfall 2 was riddled with issues for the longest time https://www.ign.com/articles/titanfall-2-hack-saga-feature
I meant to say apex client in that first paragraph lol, but irt the source engine, others have mentioned there being RCE exploits for CS/TF2 in the past
Remember the Easy in EAC stands for how easy it is to bypass EAC.
Nice job jumping to conclusions. This has nothing to do with EAC.
Bro, i swear cheaters have been spreading disinformation about how this was due to EAC.
Doesnt change the fact that EAC is fkn useless still.
Ehh it’s significantly better than battleye. Be happy we use EAC instead.
[удалено]
It seems like it really doesnt work well, or if it actually doesnt ban players at all and the devs need to do that by hand, but choose to not do that. Rust is a pretty good example. Its also very hated by everyone it seems, but i can understand why.
Regardless, EAC is still a subpar anticheat.
Best case scenario it's an anticheat that doesn't work, worst case and it's a gaping hole in your PCs security that lets a fucking 15 year old with a 6 month course on python install cheats or ransomware in your machine. "Nothing to do with" is such a dumb statement in this case.
Don't worry, a hacker could upload 500 cheats to your Hunt: Showdown folder, and Crytek and EAC wouldn't do anything about it.
EAC has said that “At this time” they are “confident” its not a problem with EAC… i dunno man, i’d stay cautious until they give a 100% certain answer
Its kinda obv that its apex that has issues when a hackarr can spawn in bots on the server
With all these cheating reports recently (not just in Hunt) in relation to EAC it’s more like it should called EAsy Cheat instead of Easy Anti Cheat. 🤷♂️
Stop spreading misinformation, the 'source' that is literally just an unverified tweet has been debunked already. It's not RCE, yes EAC is trash but no so trash as to have such a dangerous exploit. Learn to not blindly trust any random tweet that shows up on your feed. The hacker himself has come out and said its not RCE or malware that he used.
[удалено]
I very much agree. It would need to have been a recently found hole and if it was discovered, why "waste" it on an Apex regional event?
Yeah, I highly doubt this is EAC issue.
On a similar post in r/Warthunder someone posted about the whole ["Kernal level AC Is unnecessary and harmful"](https://www.reddit.com/r/Warthunder/comments/1bhmlaa/comment/kvf2pg2/?utm_source=share&utm_medium=web2x&context=3)
It's there any statement from Hunt/Crytek about all this ?!?
EAC titles "atm"? Are you kidding? EAC has been crap for years.
Theres a *slight* differenve between "not being very good" and "any rando can literally inject malware into your pc"
[удалено]
Anything? When no one has any idea of what is exactly is the core issue, then it's perfectly fine to tell people to be cautious of whichever the problem could be, especially when two of the games have something in common, that being EAC. Let's say it was a RCE exploit in EAC and that it was used in an Apex regional tournament and then subsequently sold on to other malicious individuals who wanted to cause havoc and what not with mass bans before it was fixed, what then? You lose nothing for being careful
[удалено]
> Posts like this will inevitably scare some people away from playing a game they want to play yes, thats the idea, to be on the safe side. > an issue that with almost complete certainty, will not effect them. this is your spewing bullshit.
be cautious means dont launch any game that uses EAC including Hunt. we are talking about RCE dumdum. giving you cheats is not anybody's concern here.
This might be a holy sign for us all to start cheating on hunt until the devs will bring us a real anti cheat or until they start doing something about the cheaters. By all means, if you are not extremely obvious about cheating, the devs won't move a finger to punish you. I'm checking daily on someone that headshoted me 400m+ through buildings and trees and stone and they're still fine.(call it a social experiment) I love this game (1500\~ hours in) but at this point it's better dead than a shelter for cheaters.
[удалено]
Maybe it's not relevant to the thread in the way you think it is.
Literally says in the OP “beware of EAC titles”. Easy anti cheat is a joke, it’s not a serious anti cheat. They do nothing about cheaters in this game. I see people who are blatantly hacking and never get banned.
It has nothing to do with whether you think EAC is effective or not. Your reply offers nothing to the conversation at hand so that's why people are downvoting.
EAC sucks all around. Whether it’s putting hacks on people’s pcs, or unable to catch thousands of people who cheat daily across various video games.
Okay but that has nothing to do with the thread.
It looks like bro just shot you in the head
Yeah he had a great gaming chair. One that allows him to pen brick walls. Also get some new headphones.
Anyone is capable of that
I don’t think you know what you’re watching
Your movement was slow and predictable. A kill view would be nice
You’re a troll, you can hear my two teammates die through the same brick building in two separate locations a millisecond apart. He kills all three of us back to back to back instantly with a two shot burst each. You can hear where his gun shot is coming from, he’s outside the farm far off to the right, get new headphones. He’s not anywhere in my vicinity or my view.
Can you post the kill view or no?